Symantec¢âControl Compliance Suite Virtualization Security Manager
Overview
Symantec¢âControl Compliance Suite Virtualization Security Manager allows you to confidently take advantage of the benefits of virtualization without worrying about degrading your security or compliance posture. Control Compliance Suite Virtualization Security Manager delivers powerful control features, allowing you to isolate compliance relevant virtual assets, limit access to and from them, and dictate where and if they move. You can leverage Control Compliance Virtualization Security Manager to provide system administrators the operational control they need to power-cycle and take snap shots of their application, without introducing risk to other applications on the same infrastructure. The granular access control capabilities allow you to reduce access to privileged accounts as well as manage user access to your virtual assets, and the two- factor approval cycle provides an additional layer of security for key actions. Automated regular assessment of configuration and security settings for the virtual infrastructure, as well as detailed logging of both successful and failed actions and configuration changes, provide the in depth data auditors are looking to show due care, and address many of the requirements of regulations such as PCI, HIPAA, EU data protection legislation and others.
The combination of these control features improves your overall security posture, and reduces the risk of unplanned changes or malware infecting your virtual environments.
Benefits
- Secure your virtual assets against internal and external threats
- Improve risk posture by actively managing privileged accounts and access rights
- Reduce compliance scope by effectively isolating impacted virtual systems
- Avoid downtime risk and identity unplanned changes with regular configuration assessments
Features
- Logical separation of virtual machine instances on the same hypervisor
- Granular access control to prevent misuse of privileged accounts
- Detailed activity logging that captures who did what and when and documents failed actions
- Two level approval cycle workflow to protect key functions like 'delete datastore'
SManaging across converged infrastructure Integration with Control Compliance Suite
Most ITenvironments include a mix of virtual and physical assets with separate reporting and management interfaces, making it difficult to implement an integrated security and compliance program. Control Compliance Suite addresses this challenge by providing a single platform across both physical and virtual assets to manage security, compliance, and risk.
Control Compliance Suite provides continuous controls assessments of both physical and virtual assets, allowing you to generate more timely and complete data for on-demand responses to critical ITissues. This consolidated approach allows you to prioritize remediation efforts across both, based on risks rather than technical severity. It also simplifies the ongoing process of providing collecting data for audit requirements.
Additional Symantec solutions for IT Risk and Compliance Control Compliance Suite provides a framework for IT Governance, Risk, and Compliance. You can communicate IT risk in business-relevant terms, prioritize remediation efforts based on risk, and automate time-consuming manual processes to improve your security and compliance posture.
Control Compliance Suite comprises of five components which are fully interoperable, and available separately or as part of the suite. Infrastructure capabilities available with all modules include a unique and highly scalable data framework to normalize and analyze large volumes of data, customizable Web-based dashboards and reports, and workflow integration with remediation ticketing systems.
- Symantec¢âControl Compliance Suite Risk Manager conveys the impact of ITrisk in business- relevant terms. You can work with business leaders to identify ITrisk thresholds, assign ownership, and track risk reduction over time.
- Symantec¢âControl Compliance Suite Policy Manager simplifies policy management with out-of-the-box policy content for multiple mandates, automatically mapped to controls and updated on a quarterly basis.
- Symantec¢âControl Compliance Suite Standards Manager an industry-leading configuration assessment solution designed to evaluate if systems are secured, configured, and patched according to standards.
- Symantec¢âControl Compliance Suite Assessment Manager simplifies the evaluation of procedural controls by providing automated Web-based questionnaires which can also be used to evaluate employee security awareness.
- Symantec¢âControl Compliance Suite Vulnerability Manager performs end-to-end vulnerability assessment of Web applications, databases, servers, and network devices, delivering a single view of security threats across your IT infrastructure.
|